The Experts below are selected from a list of 2388 Experts worldwide ranked by ideXlab platform
Zongyang Zhang - One of the best experts on this subject based on the ideXlab platform.
-
FDCO: attribute-based fast data cloud-outsourcing scheme for mobile devices
International Journal of Information Security, 2019Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang Zhang, Weiran LiuAbstract:We propose an attribute-based fast data cloud-outsourcing (FDCO) scheme, which shows great performance in mobile devices. Technically, this work is a CCA-secure online/offline key encapsulation scheme based on ciphertext-policy attribute-based encryption with public validity test and indirect user revocation mechanism. We adapt it to a mobile cloud-outsourcing scenario and present a concrete system. Our scheme is equipped with the following desirable properties: First, encapsulation needs only several lightweight online modular addition/multiplication operations, which is appealing to mobile users. Second, it is equipped with an efficient indirect user revocation mechanism to support Access Credential revocation. Third, it supports public encapsulation validity test, which enables auditors to filter invalid data, so as to prevent attackers from sending invalid data to stuff users’ accounts. Finally, we prove its security against chosen-ciphertext attacks (CCA) in the standard model. We conduct theoretical analyses and extensive experiments to show that our scheme is practical and efficient in application.
-
ISC - Multi-authority Fast Data Cloud-Outsourcing for Mobile Devices
Developments in Language Theory, 2018Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang ZhangAbstract:We propose a multi-authority fast data cloud-outsourcing (MFDCO) scheme especially suitable for mobile devices. It is a multi-authority online/offline encapsulation scheme based on efficient large-universe ciphertext-policy attribute-based encryption, and supports fine-grained Access control, dynamic revocation, and public validity test. Any party can become an authority to participate in the distribution of attribute Credential and Credential updating. Apart from the initial generation of public global parameters, there is no requirement for any coordination among distinct authorities. In addition, the MFDCO scheme allows data owners to enforce fine-grained Access control through lightweight online operations, which is extremely friendly for mobile users. It is equipped with an efficient revocation mechanism to realize dynamic Access Credential revocations. It also allows public encapsulation validity test, thus preventing attackers from stuffing users’ data storage accounts with invalid encapsulations, as well as achieving security against active attacks. Comprehensive analyses illustrate that the MFDCO scheme is suitable for commercial sensitive data cloud-outsourcing, especially in public cloud environment.
Yanting Zhang - One of the best experts on this subject based on the ideXlab platform.
-
FDCO: attribute-based fast data cloud-outsourcing scheme for mobile devices
International Journal of Information Security, 2019Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang Zhang, Weiran LiuAbstract:We propose an attribute-based fast data cloud-outsourcing (FDCO) scheme, which shows great performance in mobile devices. Technically, this work is a CCA-secure online/offline key encapsulation scheme based on ciphertext-policy attribute-based encryption with public validity test and indirect user revocation mechanism. We adapt it to a mobile cloud-outsourcing scenario and present a concrete system. Our scheme is equipped with the following desirable properties: First, encapsulation needs only several lightweight online modular addition/multiplication operations, which is appealing to mobile users. Second, it is equipped with an efficient indirect user revocation mechanism to support Access Credential revocation. Third, it supports public encapsulation validity test, which enables auditors to filter invalid data, so as to prevent attackers from sending invalid data to stuff users’ accounts. Finally, we prove its security against chosen-ciphertext attacks (CCA) in the standard model. We conduct theoretical analyses and extensive experiments to show that our scheme is practical and efficient in application.
-
ISC - Multi-authority Fast Data Cloud-Outsourcing for Mobile Devices
Developments in Language Theory, 2018Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang ZhangAbstract:We propose a multi-authority fast data cloud-outsourcing (MFDCO) scheme especially suitable for mobile devices. It is a multi-authority online/offline encapsulation scheme based on efficient large-universe ciphertext-policy attribute-based encryption, and supports fine-grained Access control, dynamic revocation, and public validity test. Any party can become an authority to participate in the distribution of attribute Credential and Credential updating. Apart from the initial generation of public global parameters, there is no requirement for any coordination among distinct authorities. In addition, the MFDCO scheme allows data owners to enforce fine-grained Access control through lightweight online operations, which is extremely friendly for mobile users. It is equipped with an efficient revocation mechanism to realize dynamic Access Credential revocations. It also allows public encapsulation validity test, thus preventing attackers from stuffing users’ data storage accounts with invalid encapsulations, as well as achieving security against active attacks. Comprehensive analyses illustrate that the MFDCO scheme is suitable for commercial sensitive data cloud-outsourcing, especially in public cloud environment.
Kim-kwang Raymond Choo - One of the best experts on this subject based on the ideXlab platform.
-
CryptCloud+: Secure and Expressive Data Access Control for Cloud Storage
IEEE Transactions on Services Computing, 2019Co-Authors: Jianting Ning, Zhenfu Cao, Xiaolei Dong, Kaitai Liang, Lifei Wei, Kim-kwang Raymond ChooAbstract:Secure cloud storage, an emerging cloud service, guarantees the confidentiality of outsourced data while providing flexible data Access control for cloud users whose data are out of their physical control. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is one of the promising secure mechanisms to support fine-grained Access control on encrypted data in cloud settings. However, due to its inherent "all-or-nothing" decryption control characteristic, there is a risk for the misuse of Access Credentials. In this paper, we consider the two main types of Access Credential misuse, namely: semi-trusted authority's illegal Access Credential (re-)distribution, and cloud user's illegal Access Credential leakage. To mitigate these two types of Access Credential misuse, we propose the first accountable authority revokable CP-ABE based cloud storage system with white-box traceability and auditing, referred to as CryptCloud+. We also prove the security of our system and present the experimental results to demonstrate the utility of our system.
Jianwei Liu - One of the best experts on this subject based on the ideXlab platform.
-
FDCO: attribute-based fast data cloud-outsourcing scheme for mobile devices
International Journal of Information Security, 2019Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang Zhang, Weiran LiuAbstract:We propose an attribute-based fast data cloud-outsourcing (FDCO) scheme, which shows great performance in mobile devices. Technically, this work is a CCA-secure online/offline key encapsulation scheme based on ciphertext-policy attribute-based encryption with public validity test and indirect user revocation mechanism. We adapt it to a mobile cloud-outsourcing scenario and present a concrete system. Our scheme is equipped with the following desirable properties: First, encapsulation needs only several lightweight online modular addition/multiplication operations, which is appealing to mobile users. Second, it is equipped with an efficient indirect user revocation mechanism to support Access Credential revocation. Third, it supports public encapsulation validity test, which enables auditors to filter invalid data, so as to prevent attackers from sending invalid data to stuff users’ accounts. Finally, we prove its security against chosen-ciphertext attacks (CCA) in the standard model. We conduct theoretical analyses and extensive experiments to show that our scheme is practical and efficient in application.
-
ISC - Multi-authority Fast Data Cloud-Outsourcing for Mobile Devices
Developments in Language Theory, 2018Co-Authors: Yanting Zhang, Jianwei Liu, Zongyang ZhangAbstract:We propose a multi-authority fast data cloud-outsourcing (MFDCO) scheme especially suitable for mobile devices. It is a multi-authority online/offline encapsulation scheme based on efficient large-universe ciphertext-policy attribute-based encryption, and supports fine-grained Access control, dynamic revocation, and public validity test. Any party can become an authority to participate in the distribution of attribute Credential and Credential updating. Apart from the initial generation of public global parameters, there is no requirement for any coordination among distinct authorities. In addition, the MFDCO scheme allows data owners to enforce fine-grained Access control through lightweight online operations, which is extremely friendly for mobile users. It is equipped with an efficient revocation mechanism to realize dynamic Access Credential revocations. It also allows public encapsulation validity test, thus preventing attackers from stuffing users’ data storage accounts with invalid encapsulations, as well as achieving security against active attacks. Comprehensive analyses illustrate that the MFDCO scheme is suitable for commercial sensitive data cloud-outsourcing, especially in public cloud environment.
-
Secure pay-TV for chained hotels
International Journal of Information Security, 2016Co-Authors: Hua Deng, Bo Qin, Yunya Zhou, Jianwei LiuAbstract:There is an increasing demand of securely selling pay-TV channels to large organizations such as chained hotels. Most solutions usually employ a key generation authority to distribute secret Access Credentials for all users, which would cause the single-point problem of inefficient key management. Further, there is a risk of the leakage of users' Access Credentials while countermeasures to find out the leaked Credentials are lacking. To address such issues, we propose a leakage traceable hierarchical key distribution (LTHKD) framework with the key delegation and the key-leakage tracing. The key delegation allows the key generation authority to apportion the tasks of Access Credential generation to a number of group authorities; the tracing mechanism provides an efficient method to find out the leaked Access Credentials. We present a concrete LTHKD scheme by extending hierarchical identity-based encryption to groups with users' Access Credentials elegantly encoded by unique fingerprint codes. We formally prove the security of the proposed scheme in a rigorous definition and conduct thorough theoretical and experimental analyses to evaluate the system performance. Surprisingly, the results show that the added key-leakage tracing mechanism has little affection on data encryption and decryption procedures.
Raja Jacob Chidipi - One of the best experts on this subject based on the ideXlab platform.
-
cryptcloud+: Expressive, Efficient and Revocable Data Access Control for Cloud Storage
International Journal of Research, 2019Co-Authors: Suresh Kumar Potnuru, Raja Jacob ChidipiAbstract:Cipher text-Policy Attribute-Based Encryption(CP-ABE) is viewed as a standout amongst the most encouraging systems that might be utilized to secure the assurance of the service. Be that as it may ,the utilization of CP-ABE may yield an unavoidable security rupture which is known as the misuse of Access Credential (i.e. decryption right). In this paper, we examine the two primary instances of Access Credential abuse: one is on the semi-trusted authority side, and the other is in favour of cloud client. To relieve the misuse, we propose revocable CP-ABE based cloud storage framework with explicit revoking, timed data Accessing and multiple auditing abilityreferred asCloud. Additionally, present the security investigation and further show the utility of framework.
